Wine test suite (or winrash, don't know which one) - possible way to improve for some persons (with some antivirus or firewall software running)
Hi!
I don't know if this is proper list to send this (well, I didn't find any mailinglist for the Wine test suite app and mailinglist in sf project for winrash was empty). So I thought that information would possibly reach developers of Wine test suite or winrash through this mailinglist.
And as I said in the subject, I don't know if this message concerns wine test suite or winrash program or both. Because of that, I use winrash from now on, because it is much shorter to write.
I have this winrash running on one of my computers, in windows 2003 server. There is a firewall program (ZoneAlarm Pro) installed to this computer. Some time ago, I upgraded Zonealarm to new version (5.5.062.004). This version has a feature, that checks if some programs are trying to execute new programs or something. It is possible to allow execution of new programs permanently (it saves directory and name of executable), but not in case of winrash. Winrahs starts its tests every time in temporary directory with new name. So every time a test starts, Zonealarm asks me if the execution of test is allowed. This is a problem for me, because it is annoying to click through all the messages, but it is also a problem for winrash, because I am not sitting in front of this computer very often and some tests might timeout because of that (and I think it has happened a couple of times already).
So would it be possible to start all the tests from same directory (I mean, every version of the tests would start in same directory). It would save me some time because I wouldn't have to click through all the messages.
Thanks! Tero Tamminen
On Thu, 9 Dec 2004, Tero Tamminen wrote: [...]
So would it be possible to start all the tests from same directory (I mean, every version of the tests would start in same directory). It would save me some time because I wouldn't have to click through all the messages.
I've had some dealings with ZoneAlarm and I thought it also saved an md5 checksum of the executable. Otherwise it would be too easy for an application to pretend to be another one and gain access that way.
And if a checksum is really used, then running the new tests in the same directory is not going to help.
Francois Gouget fgouget@free.fr writes:
On Thu, 9 Dec 2004, Tero Tamminen wrote: [...]
So would it be possible to start all the tests from same directory (I mean, every version of the tests would start in same directory). It would save me some time because I wouldn't have to click through all the messages.
I've had some dealings with ZoneAlarm and I thought it also saved an md5 checksum of the executable.
Yes, please clear this issue up for me! After some discussion on IRC I almost started changing the code :) Also, can't ZoneAlarm use wildcards perhaps? I couldn't find out from the webpage...
On Fri, 10 Dec 2004, Ferenc Wagner wrote:
Francois Gouget fgouget@free.fr writes:
[...]
I've had some dealings with ZoneAlarm and I thought it also saved an md5 checksum of the executable.
Yes, please clear this issue up for me! After some discussion on IRC I almost started changing the code :) Also, can't ZoneAlarm use wildcards perhaps? I couldn't find out from the webpage...
Well... this is not on a machine I have access to. What you could do is take an old verion of one of Wine's conformance tests (wininet should do) that accesses the net, run it and configure ZoneAlarm to let it through, then download a newer version and put it in exactly the same place and try again. I strongly suspect that ZoneAlarm is going to ask you again.
Le ven 10/12/2004 à 07:26, Francois Gouget a écrit :
On Fri, 10 Dec 2004, Ferenc Wagner wrote:
Francois Gouget fgouget@free.fr writes:
[...]
I've had some dealings with ZoneAlarm and I thought it also saved an md5 checksum of the executable.
Yes, please clear this issue up for me! After some discussion on IRC I almost started changing the code :) Also, can't ZoneAlarm use wildcards perhaps? I couldn't find out from the webpage...
Well... this is not on a machine I have access to. What you could do is take an old verion of one of Wine's conformance tests (wininet should do) that accesses the net, run it and configure ZoneAlarm to let it through, then download a newer version and put it in exactly the same place and try again. I strongly suspect that ZoneAlarm is going to ask you again.
Newer ZoneAlarm don't only warn on accessing the network but also on launching unknown applications. So merely launching winetests (which launches the other .exe itself via CreateProcess) will get the question to let it run or not asked, in part because the path to the test changes with each release (the temp dir name is random).
Vincent
Vincent Béron vberon@mecano.gme.usherb.ca writes:
Le ven 10/12/2004 à 07:26, Francois Gouget a écrit :
On Fri, 10 Dec 2004, Ferenc Wagner wrote:
Francois Gouget fgouget@free.fr writes:
[...]
I've had some dealings with ZoneAlarm and I thought it also saved an md5 checksum of the executable.
Yes, please clear this issue up for me! After some discussion on IRC I almost started changing the code :) Also, can't ZoneAlarm use wildcards perhaps? I couldn't find out from the webpage...
Well... this is not on a machine I have access to. What you could do is take an old verion of one of Wine's conformance tests (wininet should do) that accesses the net, run it and configure ZoneAlarm to let it through, then download a newer version and put it in exactly the same place and try again. I strongly suspect that ZoneAlarm is going to ask you again.
Newer ZoneAlarm don't only warn on accessing the network but also on launching unknown applications. So merely launching winetests (which launches the other .exe itself via CreateProcess) will get the question to let it run or not asked, in part because the path to the test changes with each release (the temp dir name is random).
Yes. But will sticking to a fixed directory name (and possibly file name) help, or does ZoneAlarm check eg. MD5 sums to thwart any countermeasure from our side? Anyway, I have the feeling that this should be solved by configuring ZoneAlarm instead of throwing in kludges. Don't you know if it's possible to disable this warning for an application or a directory?
Le ven 10/12/2004 à 10:40, Ferenc Wagner a écrit : [snip]
Yes. But will sticking to a fixed directory name (and possibly file name) help, or does ZoneAlarm check eg. MD5 sums to thwart any countermeasure from our side? Anyway, I have the feeling that this should be solved by configuring ZoneAlarm instead of throwing in kludges. Don't you know if it's possible to disable this warning for an application or a directory?
Isn't there an md5 duplicate exploit now? :)
More seriously, I don't use ZoneAlarm and hence have no idea if it is possible, but I also think configuring ZoneAlarm is a better fix (if it can be done). Else, would it be possible to LoadLibrary() the .exe and launch their main() this way? If needed, I guess we can generate .dll instead of .exe files for the tests... Of course, that's only if ZoneAlarm doesn't also check the files loaded via LoadLibrary(), but it might be useful.
Vincent
Yes. But will sticking to a fixed directory name (and possibly file name) help, or does ZoneAlarm check eg. MD5 sums to thwart any countermeasure from our side? Anyway, I have the feeling that this should be solved by configuring ZoneAlarm instead of throwing in kludges. Don't you know if it's possible to disable this warning for an application or a directory?
Actually ZoneAlarm checks MD5 or some other checksum, but it can also be configured so, that it doesn't care about those. There is option where I can specify that "Athenticate program by full path name only"... name says all (tried it, but in this case, it doesn't help because programs are launched from different directories). I think it was sometime called "This program changes frequently" but maybe I am not remembering it correctly, or it was somewhere else.
It is possible to disable the warning by application. But because ZoneAlarm thinks these programs are different, it isn't. Zonealarm only sees that, these programs are launcehd from different directory, they have different checksum, wine-test-whatever executable has different name (because date is part of the name), ZoneAlarm doesn't see same program. At least to my knowledge ZoneAlarm can't be configured with wildcards, so that it would check only part of the executable name.
But anyway, it is okay to me if you don't want to program temp directories not to be random, I just have to disable winrash and thus winetests from my win2k3 server.
Thanks
Tero Tamminen valeo@phreaker.net writes:
Yes. But will sticking to a fixed directory name (and possibly file name) help, or does ZoneAlarm check eg. MD5 sums to thwart any countermeasure from our side? Anyway, I have the feeling that this should be solved by configuring ZoneAlarm instead of throwing in kludges. Don't you know if it's possible to disable this warning for an application or a directory?
Actually ZoneAlarm checks MD5 or some other checksum, but it can also be configured so, that it doesn't care about those.
Fine, so far. This is absolutely needed, no way around.
There is option where I can specify that "Athenticate program by full path name only"... name says all
I see, thanks for the info.
Zonealarm only sees that, these programs are launcehd from different directory,
I will put in a "try this first" directory name, and fall back to "random" names if creating that fails.
they have different checksum,
We can't help this, but it shouldn't pose a problem, right?
wine-test-whatever executable has different name (because date is part of the name),
We can change this, too.
At least to my knowledge ZoneAlarm can't be configured with wildcards, so that it would check only part of the executable name.
What a shame. We'll have to go the "hard" way then.
But anyway, it is okay to me if you don't want to program temp directories not to be random, I just have to disable winrash and thus winetests from my win2k3 server.
What would be a shame again, we aren't particularly overwhelmed with Win2k3 testers. Hope we can sort it out. In the meantime just disable winrash if it's too disturbing, I'll drop you a note once the necessary changes are in place.
What would be a shame again, we aren't particularly overwhelmed with Win2k3 testers. Hope we can sort it out. In the meantime just disable winrash if it's too disturbing, I'll drop you a note once the necessary changes are in place.
I have been looking from time to time the tests (it is interesting to see if there is development going on) and I haven't seen anybody else running tests in win2k3 than myself.
Anyway, thanks for the help. I can run winrash from time to time, at least when I know that I am going to spend time on that box (more than just an occasional check). If new version comes out, I don't have to disable winrash and I can let it run all the time.
-
Ferenc Wagner -
Francois Gouget -
Tero Tamminen -
Vincent Béron